[milters] Archive

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------
It seems to be working ok for that scenario but maybe the option needs
to be expanded but I'm not sure if it would be per RFC
Here's an example of what I'm seeing. In this case it's someone sending
the junk thru Comcast mail servers (broadband provider).
Mar 1 08:31:36 eeyore milter-sender[4511]: [ID 345448 mail.debug] 38349
j21DTdnj012362: trying MX 0 'm0rtgagelenders.com.' [222.223.134.248] for
<Esther.Clinton@m0rtgagelenders.com>
Mar 1 08:31:36 eeyore milter-sender[4511]: [ID 594334 mail.debug] 38349
j21DTdnj012362: opening SMTP connection to 222.223.134.248
Mar 1 08:32:06 eeyore milter-sender[4511]: [ID 799110 mail.debug] 38349
j21DTdnj012362: retrying server
Mar 1 08:32:06 eeyore milter-sender[4511]: [ID 345448 mail.debug] 38349
j21DTdnj012362: trying MX 0 'm0rtgagelenders.com.' [222.223.134.248] for
<Esther.Clinton@m0rtgagelenders.com>
Mar 1 08:32:06 eeyore milter-sender[4511]: [ID 594334 mail.debug] 38349
j21DTdnj012362: opening SMTP connection to 222.223.134.248
Mar 1 08:32:07 eeyore milter-sender[4511]: [ID 116901 mail.debug] 38349
j21DTdnj012362: closing SMTP connection
Mar 1 08:32:18 eeyore sendmail[12362]: [ID 801593 mail.info]
j21DTdnj012362: Milter: to=<xxxxxxxxxxxx@med.wayne.edu>, reject=450
4.7.1 recipient denied, because MX 0 'm0rtgagelenders.com.'
[222.223.134.248] for <Esther.Clinton@m0rtgagelenders.com> not answering
Mar 1 08:32:22 eeyore sendmail[12362]: [ID 801593 mail.info]
j21DTdnj012362: from=<Esther.Clinton@m0rtgagelenders.com>, size=1087,
class=0, nrcpts=0, proto=ESMTP, daemon=MTA, relay=rwcrmxc17.comcast.net
[204.127.198.34]
After this milter-sender caches the info and further does 450s for
awhile then does a full check again at the end of the TTL. I have over
270 retries for this one (looks to be every minute and a half). Maybe
there should be something like GreyListRejectCount option but for
non-greylisted temp rejects. Thoughts?
Bobby Rose
Sr Systems Administrator, MSIS Network Operations
Wayne State University School of Medicine
-----Original Message-----
From: milters-bounce@milter.info [mailto:milters-bounce@milter.info] On
Behalf Of Anthony Howe
Sent: Monday, February 14, 2005 3:09 AM
To: milters@milter.info
Subject: [milters] Re: Milter-Sender question
Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------
Rose, Bobby wrote:
> Is it possible to have milter-sender to 550 failed DNS lookups? I
> have this stupid issue where Univ of Michigan's MX's for their email
> forwarding service doesn't do any kind of sendmail DNS checks. So
> they accept bogus domains and such and relay the junk on. The problem
> is that when milter-sender 450s these guys, those Umich servers keep
> trying over and over again until they reach their timeout. The end
> result is that we get 1000s of connections from them and most of it is
> these resend attempts. They ignored my complaints until I blocked
> them and some users complained at which I finally got a response from
> their postmaster but I doubt they are going to do anything about it.
> If I could 550 this junk being forwarded thru them then that should
stop it.
> I know that DNS failures should be temp but 450ing them just leads to
> DoS.
I'll consider it an option for the next release. In the meantime you
could try this patch. I've just whipped this one up, pretty simple
really, but have not tested it just yet as I'm fighting the flu just
now.
--
Anthony C Howe +33 6 11 89 73 78
http://www.snert.com/ ICQ:
7116561 AIM: Sir Wumpus
"Once...we were here." - Last of The Mohicans